SonicWall Pro-VX & XPRS2

Best known for its SOHO (small office/home office) firewall products, SonicWall is trying to beef up its offerings to reach larger organizations. But despite an easy-to-use Web-based administrative interface, the lack of centralized deployment and management tools makes it hard to recommend SonicWall's VPNs for a company's core deployments.

We're impressed, though, with SonicWall's documentation. Though it may seem somewhat insignificant, the documentation helped take what is typically a difficult taskconfiguring the VPNs to interoperate with higher-end products from other manufacturersand make it a reasonably easy affair. Simplifying the configuration process could help SonicWall find a niche by providing low-cost branch-office and telecommuter VPN devices for cash-strapped organizations. This niche, however, can exist only if enough organizations have very savvy, technically sophisticated end users who can import VPN settings files and configure the units themselves, or if they have small enough remote-user populations that administrators can handle the units before sending them out to remote users. These are two pretty big ifs.

We tested the SonicWall Pro-VX central-office unit ($4,995 list with 50 clients) and the XPRS2 branch-office unit ($1,795 for unlimited clients). The setup process is the same for both. Differences between the two are in the hardware: The Pro-VX contains an encryption card that supports up to 1,000 VPN tunnels, offers better reporting and logging capabilities, contains more memory (16MB of RAM and 4MB of Flash), and a faster processor (233-MHz StrongARM RISC). It is intended for larger organizations than is the XPRS2, which lacks hardware encryption, has less memory (8MB of RAM and 4MB of Flash), and comes with a slower CPU (133-MHz Toshiba TX39). The firewall remains the same on both models. During our performance tests, the products were able to handle only modest loads comfortably.

To configure the VPNs, we first had to set up their firewalls. A wizard walked us through specifying the IP address, gateway, and DNS information. We then registered the firewalls via a Web-based subscription service, which also let us enable any desired added features.

Enabling the SonicWall VPNs is straightforward, requiring just a few settings. The majority of the configuration steps are found on the VPN software client, which has been licensed from SafeNet. The client is very basic and lacks the flexibility and configuration choices available with the Cisco, Nokia, and RedCreek products. The SonicWall client boots with Microsoft Windows, and you can't launch it from your desktop. Without a centralized management solution, which SonicWall claims it will have by the end of the year, these products' utility is limited.

SonicWall now offers SNMP support, enabling status monitoring and SNMP traps, but you can't use third-party products such as HP OpenView to make changes or manage units centrally. SonicWall's log viewer helps with troubleshooting failures, but we're disappointed to see that log files can be e-mailed only to a single administrator.

PCMag may earn affiliate commissions from the shopping links included on this page. These commissions do not affect how we test, rate or review products. To find out more, read our complete terms of use.